Welcome to TG Cloud Drive β a state-of-the-art, fully decentralized cloud storage workspace that turns your Telegram account's message threads (topics) into secure, encrypted block-storage slots. With zero server-side overhead, it is completely free, infinite, and executes fully in your browser.
Deploy your own private instance of TG Cloud Drive in just one click. Both platforms serve the app as static assets directly from edge CDNs, meaning you will never pay for bandwidth or server compute, and it is 100% immune to server timeouts.
Click the button below to fork and deploy directly to Vercel. During setup, configure your VITE_CLASHDB_URL and VITE_CLASHDB_PASSWORD variables to enable instant account synchronization:
Deploy globally to Cloudflare's ultra-fast edge network with zero configuration:
- π 100% Serverless SPA: Hosted entirely on static CDNs (Vercel/Cloudflare Pages). No heavy active backend means no CPU timeout issues or hosting costs.
- π Zero-Knowledge Local AES-GCM Encryption: All files are encrypted locally in your browser tab before being sent across the network. Telegram only ever sees scrambled binary bits.
- β‘ 100x Speed Upload & Download Streams: Leverages direct multithreaded MTProto pipeline concurrency to max out your internet bandwidth.
- π Infinite Nested Folders: Organize files into folders structured dynamically via your own synchronized metadata database.
- π¬ In-Browser Media Streaming (Service Worker Proxy): Stream high-definition movies and audio files progressively with instant scrubbing, buffering indicators, and zero memory crashes.
- π₯ Multi-Account Swapping: Connect and switch between up to 3 Telegram accounts seamlessly with a premium dropdown selector.
- π Power Shortcuts & Clear Triggers: Focus search instantly via
Ctrl + Kor/keys, with dynamic one-tap search field clearing. - π¨ Stunning Glassmorphic Design: Premium dark-themed UI featuring glowing vector illustrations, visualizer cards, and CSS backdrop blurs.
TG Cloud Drive is built from the ground up to follow Zero-Knowledge serverless design patterns. Unlike classic systems that route files through intermediate file servers (e.g. AWS S3, Node backends), this app exists solely in the clientβs browser runtime.
βββββββββββββββββββββββββββββββββ
β User's Browser Tab β
β (React 19, MTProto Client) β
βββββββββ¬ββββββββββββββββ¬ββββββββ
β β
[1MB AES-GCM Chunks]β β[Index Manifests]
βΌ βΌ
βββββββββββββββββββββ βββββββββββββββββββββ
β Telegram MTProto β β ClashDB / KV DB β
β (Storage Core) β β (Folders/Files) β
βββββββββββββββββββββ βββββββββββββββββββββ
Under the hood, we run a custom web-compiled Telegram Client using MTProto. The web app establishes direct TCP/WebSocket handshake connections with Telegramβs official production Datacenters (DCs).
- When you log in, your session keys and authentication secrets are saved locally in the browserβs IndexedDB database via encryption.
- No intermediate servers ever touch or see your session token or phone inputs.
To bypass Telegramβs file upload limitations and ensure absolute, military-grade privacy, the drive utilizes an autonomous Client-Side Slicing Engine:
- Chunking: Files are sliced into exactly 1MB binary chunks (
ArrayBuffer) in-memory. - Encryption: Each chunk is encrypted inside the browser using AES-256-GCM (authenticated symmetric encryption) with a unique, cryptographically secure random key.
- Storage: These encrypted chunks are sent to a private, hidden Telegram group/channel via separate media message packets.
- Zero Leakage: Since files are fully encrypted in the browser before hitting the network, Telegram sees only scrambled, unreadable binary blocks. Even if Telegram workers inspect their storage servers, they see zero readable files.
Classic browser downloads require downloading the entire file into memory before saving, which crashes the tab for files larger than 1GB. TG Cloud Drive bypasses this with a local streaming proxy:
- We register a custom Service Worker (
sw.js). - When you play a video or scrub through a movie, the HTML5 video element requests specific byte-ranges.
- Our Service Worker intercepts these byte requests locally, calculates which encrypted 1MB parts contain those bytes, downloads only those specific chunks from Telegram, decrypts them in-browser, and feeds the raw stream directly to your media player on the fly.
- This allows instant, buffer-free playback of multi-gigabyte video or audio files directly within your browser.
TG Cloud Drive enforces strict privacy practices:
| Component | Security Configuration | Storage Location |
|---|---|---|
| Authentication Keys | Encrypted Session Strings | Browser IndexedDB (Local only) |
| File Index Metadata | AES-GCM Encrypted JSON | ClashDB / KV Store (Synchronized) |
| Raw Storage Chunks | Encrypted Binary Blocks | Telegram Datacenters (Cloud) |
| Intermediate Servers | None | App is 100% serverless static HTML/JS |
- No Server Footprint: Because there is no active backend server, no database connection strings or secrets can ever be leaked or exposed by database breaches.
- Symmetric Sealing: The decryption key for every uploaded file is generated inside the browser and embedded directly in the index manifest. Since the manifest itself can be stored in your private ClashDB with strong authentication, only you have access to the keys.
Get your developer instance running locally in less than 2 minutes:
git clone https://github.com/ajisth/tg-cloud-drive.git
cd tg-cloud-driveMake sure you have Node.js (v18+) installed:
npm installCreate a copy of .env.example named .env.local inside the root folder:
cp .env.example .env.localOpen .env.local and configure your database endpoint:
VITE_CLASHDB_URL=https://your-clashdb-instance.vercel.app
VITE_CLASHDB_PASSWORD=your_secure_db_password
Run Vite in development mode:
npm run devOpen http://localhost:5173/ in your web browser to start using your drive.
TG Cloud Drive is committed to open, safe, and professional standards. Read our dedicated files for deep disclosures:
- MIT License β Full licensing text and utilization guidelines.
- Code of Conduct β Core community covenant and standard policies.
- Security Policy β Detailed vulnerability disclosures and updates tables.